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DETAILED ACTION 

1. Claims 1-28 and 30-36 are presented for examination. 

The claims and only the claims form the metes and bounds of the invention. "Office personnel are to give claims their 
broadest reasonable interpretation in light of the supporting disclosure. In re Morris, 127 F.3d 1048, 1054-55, 
44 USPQ2d 1023, 1027-28 (Fed. Cir. 1997). Limitations appearing in the specification but not recited in the claim are 
not read into the claim. In re Prater, 415 F.2d 1393, 1404-05, 162 USPQ 541, 550-551 (CCPA 1969)" (MPEP p 2100- 
8, c 2, 1 45-48; p 2100-9, c 1, 1 1-4). The Examiner has full latitude to interpret each claim in the broadest reasonable 
sense. The Examiner will reference prior art using terminolog\ familiar to one of ordinan skill in the art. Such an 
approach is broad in concept and can be either explicit or implicit in meaning. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 02/09/2004 is in compliance 
with the provisions of 37 CFR 1 .97. Accordingly, the information disclosure statement is being 
considered by the examiner. 

Change of Power of Attorney 

3. The change of Power of Attorney mailed on 1 1/21/2006 is duly noted. 

Claim Objections 

4. Claim 29 is objected to because of the following informalities: Claim 29 is missing. 
Appropriate correction is required. 



Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 
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The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

5. Claim 30 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 30 recites the limitation "the processor" in line 2. There is insufficient antecedent 
basis for this limitation in the claim. 

Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

6. Claims 1-4, 6-10, 13-15, 17-28, 30, 31, 33, and 34 are rejected under 35 U.S.C. 102(e) 
as being anticipated by US 6941271 (Soong). 

As to claim 1, Soong discloses a key maintenance method comprising: maintaining, in a 
datastore, a first-level access key that grants, to a medical service provider, a level of access to a 
set of medical records of a patient (Soong column 2, lines 47-57); retrieving the first-level access 
key; and generating a second-level access key by modifying the level of access of the first-level 
access key (Soong column 11, lines 6-49). 
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As to claim 2, Soong discloses the key maintenance method of claim 1 wherein: the 
levels of access of the first-level and second-level access keys are defined using one or more 
access parameters; the set of medical records is a multi-portion medical record; and the access 
parameters provide access to one or more portions of the set of medical records (Soong column 
12, lines 16-34). 

As to claim 3, Soong discloses the key maintenance method of claim 1 further 
comprising transmitting the second-level access key to the medical service provider, wherein the 
medical service provider subsequently stores the second-level access key on an MSP key 
repository assigned to the medical service provider (Soong column 6, lines 32-49). 

As to claim 4, Soong discloses the key maintenance method of claim 1 further 
comprising storing the second-level access key in the datastore (Soong column 11, lines 6-49). 

As to claim 6, Soong discloses the key maintenance method of claim 4 wherein the 
datastore is a patient key repository assigned to the patient (Soong column 11, lines 16-27). 

As to claim 7, Soong discloses the key maintenance method of claim 6 wherein the first- 
level access key was previously-provided to the medical service provider and previously-stored 
on an MSP key repository assigned to the medical service provider (Soong column 6, lines 32- 
49). 

As to claim 8, Soong discloses the key maintenance method of claim 7 wherein: the 
patient key repository is a first portion of a centralized key repository; and the MSP key 
repository is a second portion of the centralized key repository (Soong column 5, lines 14-36). 
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As to claim 9, Soong discloses the key maintenance method of claim 8 wherein the 
centralized key repository resides on and is executed by a remote server connected to a 
distributed computing network (Soong column 5, lines 9-1 1). 

As to claim 10, Soong discloses the key maintenance method of claim 9 wherein: the 
remote server is a web server; and the distributed computing network is the Internet (Soong 
column 5, lines 39-42). 

As to claim 13, Soong discloses the key maintenance method of claim 1 wherein the 
second-level access key enhances the level of access of the first level access key, wherein the 
medical service provider is granted a greater level of access to the set of medical records of the 
patient (Soong column 11, lines 39-44). 

As to claim 14, Soong discloses the key maintenance method of claim 1 wherein the 
second-level access key reduces the level of access of the first level access key, wherein the 
medical service provider is granted a reduced level of access to the set of medical records of the 
patient (Soong column 11, lines 30-39). 

As to claim 15, Soong discloses the key maintenance method of claim 1 wherein the 
second-level access key revokes the level of access of the first level access key, wherein the 
medical service provider is prohibited from accessing the set of medical records of the patient 
(Soong column 11, lines 44-49). 

As to claim 17, Soong discloses the key maintenance method of claim 16 wherein the 
datastore is a patient key repository assigned to the patient (Soong column 11, lines 16-27). 

As to claim 18, Soong discloses the key maintenance method of claim 17 wherein the 
first-level access key was previously-provided to the medical service provider and previously- 
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stored on an MSP key repository assigned to the medical service provider (Soong column 6, lines 
32-49). 

As to claim 19, Soong discloses the key maintenance method of claim 18 wherein: the 
patient key repository is a first portion of a centralized key repository; and the MSP key 
repository is a second portion of the centralized key repository (Soong column 5, lines 14-36). 

As to claim 20, The key maintenance method of claim 19 wherein the centralized key 
repository resides on and is executed by a remote server connected to a distributed computing 
network (Soong column 5, lines 9-1 1). 

As to claim 21, The key maintenance method of claim 20 wherein: the remote server is a 
web server; and the distributed computing network is the Internet (Soong column 5, lines 39-42). 

As to claim 22, A key maintenance system comprising: a server system including a 
computer processor and associated memory, the server system having a centralized key 
repository and a centralized medical record repository (Soong column 5, lines 7-9); wherein the 
server system is configured to: maintain, in a datastore, a first-level access key that grants, to a 
medical service provider, a level of access to a set of medical records of a patient (Soong column 
2, lines 47-57); retrieve the first-level access key; and generate a second-level access key by 
modifying the level of access of the first-level access key (Soong column 11, lines 6-49). 

As to claim 23, The key maintenance system of claim 22 wherein the server system is 
further configured to store the second-level access key in the datastore (Soong column 11, lines 
6-49). 

As to claim 24, The key maintenance system of claim 23 wherein the datastore is a 
patient key repository assigned to the patient (Soong column 11, lines 16-27). 
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As to claim 25, Soong discloses the key maintenance system of claim 24 wherein the 
first-level access key was previously-provided to the medical service provider and previously- 
stored on an MSP key repository assigned to the medical service provider (Soong column 6, lines 
32-49). 

As to claim 26, Soong discloses the key maintenance system of claim 25 wherein: the 
patient key repository is a first portion of a centralized key repository; and the MSP key 
repository is a second portion of the centralized key repository (Soong column 5, lines 14-36). 

As to claim 27, The key maintenance system of claim 26 wherein the centralized key 
repository resides on and is executed by a remote server connected to a distributed computing 
network (Soong column 5, lines 9-1 1). 

As to claim 28, The key maintenance system of claim 27 wherein: the remote server is a 
web server; and the distributed computing network is the Internet (Soong column 5, lines 39-42). 

As to claim 30, A computer program product residing on a computer readable medium 
having a plurality of instructions stored thereon which, when executed by the processor, cause 
that processor to: maintain, in a datastore, a first-level access key that grants, to a medical service 
provider, a level of access to a set of medical records of a patient (Soong column 2, lines 47-57); 
retrieve the first-level access key; and generate a second-level access key by modifying the level 
of access of the first-level access key (Soong column 11, lines 6-49). 

As to claim 31, The computer program product of claim 30 further comprising 
instructions for storing the second-level access key in the datastore (Soong column 11, lines 6- 
49). 
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As to claim 33, The computer program product of claim 30 wherein the datastore is a 
patient key repository assigned to the patient (Soong column 11, lines 16-27). 

As to claim 34, Soong discloses the computer program product of claim 33 wherein the 
first-level access key was previously-provided to the medical service provider and previously- 
stored on an MSP key repository assigned to the medical service provider (Soong column 6, lines 
32-49). 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 5, 11, 12, 16, 32, 35, and 36 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over US 6941271 (Soong) in view of US 20040068650 (Resnitzky). 

As to claim 5, Soong discloses the key maintenance method of claim 4. Soong fails to 
teach further comprising deleting the first-level access key from the datastore. 

However, Resnitzky discloses further comprising deleting the first-level access key from 
the datastore (Resnitzky page 7, paragraph 0128). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches manipulating databases (Resnitzky page 7, paragraph 0128). 
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As to claim 11, Soong discloses the key maintenance method of claim 7. Soong fails to 
teach further comprising reconciling the patient key repository and the MSP key repository. 

However, Resnitzky discloses further comprising reconciling the patient key repository 
and the MSP key repository (Resnitzky page 8, paragraphs 0130-0132). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches how to reconcile them (Resnitzky page 8, paragraphs 0130-0132). 

As to claim 12, Soong discloses the key maintenance method of claim 11. Soong fails to 
teach wherein reconciling includes overwriting the first-level access key stored within the MSP 
key repository with the second-level access key stored in the patient key repository. 

However, Resnitzky discloses wherein reconciling includes overwriting the first-level 
access key stored within the MSP key repository with the second-level access key stored in the 
patient key repository (Resnitzky page 8, paragraphs 0130-0132). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches how to reconcile them (Resnitzky page 8, paragraphs 0130-0132). 

As to claim 16, Soong discloses a key maintenance method comprising: maintaining, in a 
datastore, a first-level access key that grants, to a medical service provider, a level of access to a 
set of medical records of a patient (Soong column 2, lines 47-57); retrieving the first-level access 
key; generating a second-level access key by modifying the level of access of the first-level 
access key (Soong column 11, lines 6-49); and. Soong fails to teach deleting the first-level 
access key from the datastore. 
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However, Resnitzky discloses deleting the first-level access key from the datastore 
(Resnitzky page 7, paragraph 0128). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches manipulating databases (Resnitzky page 7, paragraph 0128). 

As to claim 32, Soong discloses the computer program product of claim 30. Soong fails 
to teach further comprising instructions for deleting the first-level access key from the datastore. 

However, Resnitzky discloses further comprising instructions for deleting the first-level 
access key from the datastore (Resnitzky page 7, paragraph 0128). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches manipulating databases (Resnitzky page 7, paragraph 0128). 

As to claim 35, Soong discloses the computer program product of claim 34. Soong fails 
to teach further comprising instructions for reconciling the patient key repository and the MSP 
key repository. 

However, Resnitzky discloses further comprising instructions for reconciling the patient 
key repository and the MSP key repository (Resnitzky page 8, paragraphs 0130-0132). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches how to reconcile them (Resnitzky page 8, paragraphs 0130-0132). 

As to claim 36, Soong discloses the computer program product of claim 35. Soong fails 
to teach wherein the instructions for reconciling include instructions for overwriting the first- 
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level access key stored within the MSP key repository with the second-level access key stored in 
the patient key repository. 

However, Resnitzky discloses wherein the instructions for reconciling includes 
overwriting the first-level access key stored within the MSP key repository with the second-level 
access key stored in the patient key repository (Resnitzky page 8, paragraphs 0130-0132). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention to combine Soong and Resnitzky because Soong teaches multiple databases and 
Resnitzky teaches how to reconcile them (Resnitzky page 8, paragraphs 0130-0132). 

Prior Art 

8. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. US 6006228 is pertinent because it teaches... The system includes a server (12A) in 
which a number of documents are stored for access by user terminals (20A...20N). A database 
(A) is provided in the server (12A) that has a device for storing user information, a device for 
storing document information and a device for providing access to the stored documents 
document-by-document on the basis of the user information and the document information. The 
device for storing user information includes device for storing a user identification name, an 
associated user password and an associated security level indicator for indicating the highest 
level of security access with which the user name is associated. US 200201 80771 is pertinent 
because it teaches. . . A virtual being database (154) made up of a set of hierarchically-arranged 
fields, wherein each field is tagged with access control information (152) controlling which 
parties (or computers) (110, 1 12, 1 14 and 1 16) are allowed to access each field, and which 



Application/Control Number: 10/726,952 Page 12 

Art Unit: 2136 

parties (or computers) (110, 112, 114 and 116) are allowed to revise each field. Some fields of 
the virtual being relate to personality traits (162), while other fields relate to body measurements. 
Also, data requests to be made by a plurality of virtual beings (154) to a remote networked 
computer (102) are aggregated into a single request in order to improve communication 
efficiency. US 20060288425 is pertinent because it teaches. . . The method for securing data on a 
personal computer having security sensitive content grouped into security levels, each with a 
clearance code, includes filtering and extracting sensitive content by security level and separately 
storing the security content in remote extract stores. Remainder data is stored locally or remotely. 
A map for selected extract stores may be generated. The filter and/or map may be destroyed or 
stored. The data input, extracted data and remainder data may be deleted from the originating 
computer. Encryption may be utilized to enhance security (including transfers of data, filter and 
map). Reconstruction of the data is permitted only in the presence of a predetermined security 
clearance. Full or partial reconstruction is possible, based upon the security clearances. A 
computer readable medium containing programming instructions and an information processing 
system is encompassed. US 5530854 is pertinent because it teaches. . . A key is generated by the 
database which uniquely identifies data in a child tuple. As a result, virtual parent relations are 
referenced by an original primary key, but has its underlying attribute values stored in one or 
more secondary relations whose access is gained through stored generated keys. The application 
interface is unaffected, because the system transparently pieces together the virtual relation from 
the primary and one or more secondary relations. US 7272230 is pertinent because it teaches. . . 
To provide a cryptographic system capable of flexibly changing decryption authorization and 
preventing the action of a third person impersonating a user having the decryption authorization 
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to improperly utilize the system. When an enciphered file is accepted in a client, a decryptor ID, 
a creator ID, and a first enciphered session key are transmitted to a key management server 10 
(step 141). It is judged whether or not the creator ID is stored as a decryption object ID in a 
management database in correspondence with the decryptor ID (step 147). When the creator ID 
is stored, the first enciphered session key is deciphered with an inherent key corresponding to the 
creator ID in the management database (step 148), and the obtained session key is enciphered 
with a public key corresponding to the decryptor ID (step 149). A secret key is used in a client 
which has received a second enciphered session key so that deciphering processing is performed, 
to obtain a session key. Enciphered data is deciphered with the session key. US 7353532 is 
pertinent because it teaches. . . The invention includes various systems, architectures, frameworks 
and methodologies that can securely enforce a privacy policy. A method is include for securely 
guaranteeing a privacy policy between two enterprises, comprising: creating a message at a first 
enterprise, wherein the message includes a request for data concerning a third party and a privacy 
policy of the first enterprise; signing and certifying the message that the first enterprise has a 
tamper-proof system with a privacy rules engine and that the privacy policy of the first entity 
will be enforced by the privacy rules engine of the first enterprise; sending the message to a 
second enterprise; and running a privacy rules engine at the second enterprise to compare the 
privacy policy of the first enterprise with a set of privacy rules for the third party. 
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Conclusion 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Rebecca L. Pachura whose telephone number is (571) 270-3402. 
The examiner can normally be reached on Monday-Thursday 10:00 am-8:00 pm EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272-4195. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Rebecca L Pachura/ 
Examiner, Art Unit 2136 



/Nasser G Moazzami/ 

Supervisory Patent Examiner, Art Unit 2136 



